Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-966

Key manager exported from legacy JSSE security domain does not work Elytron server-ssl-context

XMLWordPrintable

      It is not possible to use a key manager exported from legacy security domain (i.e. elytron-key-manager) in Elytron server-ssl-context. It results in:

      {
    "outcome" => "failed",
    "failure-description" => {
        "WFLYCTL0080: Failed services" => {"org.wildfly.security.ssl-context.ssc" => "org.jboss.msc.service.StartException in service org.wildfly.security.ssl-context.ssc: WFLYELY00019: No 'X509ExtendedKeyManager' found in injected value."},
        "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.ssl-context.ssc"]
    },
    "rolled-back" => true
}

      The exported KeyManager doesn't extend the X509ExtendedKeyManager class. A simple change to SecurityKeyManager should make it compatible with the Elytron ssl contexts.

            sguilhen Stefan Guilhen
            sguilhen Stefan Guilhen
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: